LEAD SECURITY ANALYST

About Gartner IT.
Join a world-class team of skilled engineers and analysts who build creative digital solutions to support our colleagues and clients.
We make a broad organizational impact by delivering cutting-edge technology solutions that power Gartner.
Gartner IT values its culture of nonstop innovation, an outcome-driven approach to success, and the notion that great ideas can come from anyone on the team.
About the role.
Gartner is looking for a well-rounded and motivated Lead Security Analyst to join its Governance Risk Management team which is responsible for providing IT Risk Management; IT Policies, Standards and Controls; and Audit/Governance oversight.
The Lead Security Analyst should have extensive experience with developing and implementing risk frameworks, understanding regulatory requirements, and assessing control compliance.
What you will do.
Responsible for supporting Gartner’s security control environment by managing risk associated with Information Technology, Information Security, Privacy, Regulatory Compliance and Governance.
This individual will play an integral role in.
(i) working closely with Information Security partners, and technology stakeholders to audit/test controls; (ii) ensuring risks are identified and understood; and (iii) developing and tracking risk remediation plans across our various business units.
Serve as subject matter expert and manage Risk Reviews / Risks / Risk Exception Requests Assess our control effectiveness and conduct control gap analysis against key Frameworks/Standards such as NIST, SOX, CMMC, ISO , GDPR, etc.
Track and monitor remediation and risk treatment plans.
Develop testing routines and schedules for our key regulatory requirements.
Understand and consider all relevant trade-offs required to manage different levels of risk tolerance and risk exposure across the organization and be able to communicate to responsible team members.
Partner with internal Security Operations and Engineering to ensure risks are well understood and proposed countermeasures are effective at mitigating risk.
Coordinate with technology, audit, ERM, and information security stakeholders to assess, implement, and monitor information security-related risks/threats.
Support and advise business-led projects on information security-related risks and standards compliance.
Lead efforts to implement and maintain security policies and remediation processes.
Perform proactive technical research to detect emerging risks and threat trends.
Understand “voice of the customer” and develop mechanisms to proactively sense adoption and usage patterns of current or emerging consumer technologies so that policy can align with need.
Provide leadership/peers/business with reporting and timely updates that tells the story needed for the audience.
Continuously look for ways to improve (quality and efficiency) the process.
Take ownership of assignments & drive them to completion.
Work collaboratively across functional areas for innovation to turn new ideas into reality.
Assist others on the team for Policy and Certification/Assessment efforts, Client support including contract reviews.
What you will need.
Ideal candidates have experience in IT with a strong understanding of Information Security.
Candidates should have strong communication and attention to detail.
Strong communication to partner with many departments within Gartner as well as occasionally working directly with clients.
Strong attention to detail to ensure we provide accurate and consistent Risk Reviews, Audit Assessments, answers to stakeholders (including clients), as well as thorough reviews of contracts/documents.
Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field.
7-10 years of experience in IT and/or Information Security.
Proven communication, collaboration, critical thinking skills and attention to detail.
Familiarity with technical security controls, guidelines, certifications, regulations and framework (e.
., NIST CSF, NIST , SOX, CMMC, ISO , GDPR).
Experience with Risk Registry, Risk Exceptions, Audit Process, Policy/Standard/Controls.
Ability to define and communicate risk in a business-relevant language and to non-technical audiences.
Deep technical expertise in at least one additional area of Information Security.
Experience with Information Security, Physical Security, Legal, and other IT processes and functions.
Experience with implementing national and international regulatory compliances and frameworks such as NIST Cyber Security Framework, CMMC, ISO, SOX, GDPR, etc.
Familiarity with technical security controls, guidelines, and frameworks outlined by standards such as SOC2, ISO , NIST .
Have a knack for finding flaws in processes and the ability to efficiently communicate how to fix them.
Proven ability to communicate and educate Engineering and Architecture teams as to why Information Security is an important function to the business.
Ability to think like a bad actor and use that context to develop threat models.
Understanding and working experience with cloud / server / container / vulnerability security tools.
Preferred skills in Microsoft Office, JIRA, OneTrust and Confluence.
What you will get.
Competitive compensation package Ongoing membership and apprenticeship; Leadership courses, development programs, technical courses, certification opportunities and more! 20+ PTO days plus holidays and floating holidays in your first year Extensive Medical, Dental, and Vision plans Hybrid environment with flexibility, remote work Parental (Maternal and Paternity) leave Gartner Gives Charity Match Employee Assistance Program (EAP) Employee Stock Purchase Plan Health and wellness related allowance programs 401k with corporate match Collaborative, team-oriented culture that embraces diversity Professional development and unlimited growth opportunities Don’t meet every single requirement? We encourage you to apply anyway.
You might just be the right candidate for this, or other roles.
#LI-SS4 #LI-Hybrid Who are we? At Gartner, Inc.
(NYSE.
IT), we deliver actionable, objective insight that drives smarter decisions and stronger performance on an organization’s mission-critical priorities.
We’ve grown exponentially since our founding in and we're proud to have over associates globally that support over client enterprises in more than 100 countries.
What makes Gartner a great place to work? Our teams are composed of individuals from different geographies, cultures, religions, ethnicities, races, genders, sexual orientations, abilities and generations.
We believe that a diversity of experiences makes us stronger—as individuals, as communities and as an organization.
That’s why we're recognized worldwide as a great place to work year after year.
We've been recognized by Fortune as one of the World’s Most Admired Companies, named a Best Place to Work for LGBTQ Equality by the Human Rights Campaign Corporate Equality Index and a Best Place to Work for Disability Inclusion by the Disability Equality Index.
Looking for a place to turn your big ideas into reality? Join #LifeAtGartner What we offer.
Our people are our most valuable asset, so we invest in them from Day 1.
When you join our team, you’ll have access to a vast array of benefits to help you live your life well.
These resources are designed to support your physical, financial and emotional well-being.
We encourage continued personal and professional growth through ongoing learning and development opportunities.
Our employee resource groups, charity match and volunteer programs keep you connected to your internal Gartner community and causes that matter to you.
Gartner believes in fair and equitable pay.
A reasonable estimate of the base salary range for this role is USD - USD.
Please note that actual salaries may vary within the range, or be above or below the range, based on factors including, but not limited to, education, training, experience, professional achievement, business need, and location.
In addition to base salary, employees will participate in either an annual bonus plan based on company and individual performance, or a role-based, uncapped sales incentive plan.
Our talent acquisition team will provide the specific opportunity on our bonus or incentive programs to eligible candidates.
We also offer market leading benefit programs including generous PTO, a 401k match up to $ per year, the opportunity to purchase company stock at a discount, and more.
The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity.
Gartner is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities.
If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability.
You may request reasonable accommodations by calling Human Resources at + or by sending an email to  .
Job Requisition ID.
By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.
Gartner Applicant Privacy Link.
https://jobs.
artner.
om/applicant-privacy-policy For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.